﻿<%

Dim UserID
Dim username
Dim password
Dim Super
Dim lock
Dim RoleID

Sub User_Add()	
	
	username = reform("username")
	password = reform("password")
	Super	 = reform("Super")
	lock	 = reform("lock")	
	RoleID	 = reform("RoleID")


	sql = "SELECT * FROM Admin_User WHERE Admin_UserName = '" & username & "'"
	Set rs = conn.execute(sql)


	If Not rs.Eof Then

		AlertBox "用户名已经存在!","javascript:history.go(-1)"	

	End If

	rs.close


	Conn.BeginTrans
	On Error Resume Next

	sql = "INSERT INTO Admin_User(Admin_UserName,Admin_Password,Admin_UseFlag,Admin_SuperUser) VALUES( " &_
		  "'" & username & "'" &_
		  ",'" & md5(password) & "'" &_
		  ",'" & lock & "'" &_
		  ",'" & Super & "')" 
	
    conn.execute(sql)
	sql = "SELECT * FROM Admin_User WHERE Admin_UserName = '" & username & "'"
	Set rs = conn.execute(sql)

	If Not rs.Eof Then 
		UserID = rs(0)
	End If

	rs.close

	Call Add_User_Role(UserID,RoleID)


	If  err.number =0 Then   
	    conn.CommitTrans  
		AlertBox "用户增加成功！","User_Query.asp"
	Else  
		conn.RollbackTrans 
		AlertBox "用户增加失败！","User_Query.asp"
	End If 

End Sub

Sub User_Edit()	

	username = reform("username")
	password = reform("password")
	Super	 = reform("Super")
	lock	 = reform("lock")	

	UserID = reform("UserID")	
	RoleID = reform("RoleID")

	If password="" Then
		sql = "UPDATE Admin_User Set " &_
			  " Admin_UserName = '" & username & "'" &_
			  ",Admin_UseFlag   = '" & lock & "'" &_
			  ",Admin_SuperUser = '" & Super & "' " &_
			  " WHERE Admin_UserID = "&UserID
	Else
		sql = "UPDATE Admin_User Set " &_
			  " Admin_UserName = '" & username & "'" &_
			  ",Admin_Password = '" & md5(password) & "'" &_
			  ",Admin_UseFlag   = '" & lock & "'" &_
			  ",Admin_SuperUser = '" & Super & "' " &_
			  " WHERE Admin_UserID = "&UserID

	End If


	Conn.BeginTrans
	On Error Resume Next

    conn.execute(sql)

	Call Update_User_Role(UserID,RoleID)
	
	If Super="1" Then
		conn.Execute("DELETE FROM Admin_Role_User WHERE Admin_UserId="&UserID)	
	End If

	If  err.number =0 Then   
	    conn.CommitTrans  
		AlertBox "用户修改成功！","User_Query.asp"
	Else  
		conn.RollbackTrans 
		AlertBox "用户修改失败！","User_Query.asp"
	End If 

End Sub

Sub User_Del()

	UserID = Reform("Op_ID")	


	sql = "DELETE FROM  Admin_User WHERE Admin_UserID IN  ("&UserID &")"

	sql = Sql&";DELETE FROM  Admin_Role_User WHERE Admin_UserId IN  ("&UserID &")"

	On Error Resume Next
		  
    conn.execute(sql)

	if err.number =0 then  
		AlertBox "用户删除成功！","User_Query.asp"
	else 
		AlertBox "用户失败成功！","User_Query.asp"
	end if
	
End Sub

Sub Get_User_Info(UserID)

	sql = "SELECT * FROM Admin_User WHERE Admin_UserID = " &UserID

	Set rs = conn.execute(sql)
	
	If Not rs.eof Then
		username = rs("Admin_UserName")
		password = rs("Admin_Password")
		Super	 = rs("Admin_SuperUser")
		lock	 = rs("Admin_UseFlag")	
	End If	

	writebr useranme
	password = ""
End Sub 



'增加用户对应角色表
Sub Add_User_Role(UserID,RoleID)

	If RoleID="" Then Exit Sub 

	RoleID_arr = Split(RoleID,",")

	For i=0 To UBound(RoleID_arr)
		iRoleID = Trim(RoleID_arr(i))
		If iRoleID<>"" Then
			sql = "INSERT INTO Admin_Role_User(Admin_UserId,RoleID) VALUES("&UserID&","&iRoleID&")"
			conn.Execute(sql)
		End If

	Next
	
End Sub


'修改用户对应角色表
Sub Update_User_Role(UserID,RoleID)

	'先删除全部权限
	conn.Execute("DELETE FROM Admin_Role_User WHERE Admin_UserId="&UserID)	

	'未设置时退出
	If RoleID="" Then
		Exit Sub 
	End If

	'重置权限

	RoleID_arr = Split(RoleID,",")



	For i=0 To UBound(RoleID_arr)
		iRoleID = Trim(RoleID_arr(i))
		If iRoleID<>"" Then
			sql = "INSERT INTO Admin_Role_User(Admin_UserId,RoleID) VALUES("&UserID&","&iRoleID&")"
			conn.Execute(sql)
		End If

	Next
	
End Sub

Function Get_RoleIDArray(UserID)
		Sql = "SELECT RoleID FROM Admin_Role_User WHERE Admin_UserId="&UserID
		Get_RoleIDArray = GetRsRows(Sql)
End Function

Function Get_RoleIDChecked(RoleID,RoleIDArray)
	
	Dim IsCheck
	IsCheck=False

	If IsArray(RoleIDArray)  Then
		For i=0 to Ubound(RoleIDArray,2)
			If RoleID =  RoleIDArray(0,i)  Then 
				IsCheck = True 
				'writebr RoleIDArray(0,i)
			End If
			
		Next

		If IsCheck=True Then
			Get_RoleIDChecked = "Checked"
		Else
			Get_RoleIDChecked = ""
		End If
	Else
		Get_RoleIDChecked = ""
	End If

End Function


%>
